Software Defined Networking (SDN) - OpenFlow and OVSDB connection

This article covers the OpenFlow and OVSDB connections between an SDN controller and OpenFlow-based switches, and details the connection lifecycle. We use the open source SDN controller OpenDaylight (ODL), Carbon release, and the OpenFlow virtual switch Open vSwitch (OVS), version 2.6.0, to describe the OVSDB and OpenFlow connections.

OVSDB and OpenFlow connection

OVSDB is the OVS database management protocol, which defines the schema for the OVS database and the specification for communication between controller and switch. The SDN controller uses this protocol to control an OVS switch by populating its database with the intended configuration.

Typically, the SDN controller runs in passive mode, listening for OVSDB and OpenFlow connections from OVS on ports 6640 and 6653 respectively.

First, start the ODL controller; you can download it from here. As a prerequisite, set the JAVA_HOME environment variable on your system to the latest Java version. Running ODL is easy; just follow the steps below:

Enter the ‘bin’ sub-directory located under the top-level directory of the downloaded package.

Run the following command to get your controller up: karaf

Below is the image for above steps performed:

Because we need to manage the OVS switches that will make the OVSDB and OpenFlow connections, the OpenFlow and OVSDB plugins must be installed into ODL. This can be done as shown below:

Once the OpenFlow and OVSDB plugins are installed, ODL starts listening for OpenFlow and OVSDB connections on ports 6653 and 6640 respectively. This can be checked on the controller by running the following commands:

netstat -a | grep 6653

netstat -a | grep 6640

Note that OVS must already be running before you execute any OVS command. To start OVS on Ubuntu, run the following command with root permissions:

sudo /etc/init.d/openvswitch-switch start

It is available as a service, so you can check its status as well.

sudo /etc/init.d/openvswitch-switch status

Once OVS is running, you can also execute its CLI commands. For example:

sudo ovs-vsctl show

Below is the image for above command execution output:

On the OVS side, run the command below to initiate the OVSDB connection with the controller:

ovs-vsctl set-manager tcp:<controller-IP>:6640

To confirm that the connection is established, run the command below; its output shows the ‘is_connected’ flag set to true.

sudo ovs-vsctl show

The OpenFlow connection is made on a bridge, so you can either create the bridge on OVS yourself or let ODL create it by sending configuration to OVS over the OVSDB connection. On the OVS bridge, run the command below to connect the bridge to ODL, which establishes the OpenFlow connection between ODL and OVS.

ovs-vsctl set-controller <bridge name> tcp:<controller-IP>:6653

Check below for their connection details.

We have seen from the OVS side that the OVSDB and OpenFlow connections have been made; the same can be verified on the ODL side by running the following commands.

netstat -a | grep 6653

netstat -a | grep 6640

Check the image below for the output of the commands, which confirms that the connections are in the ESTABLISHED state:

Since the OVSDB and OpenFlow connections are based on TCP, the messages exchanged between ODL and OVS can easily be captured with Wireshark. Check the packet capture image below, which shows the messages exchanged during connection setup.

In the Wireshark packet capture, you can see the various OpenFlow messages exchanged between the controller and OVS during connection setup.

As you can see, during connection setup ODL sent FEATURES_REQUEST OpenFlow messages and, in response, received FEATURES_REPLY from OVS. Inside the FEATURES_REPLY message, ODL gets the datapath ID (i.e. the unique identifier) of the OVS bridge, which forwards traffic among the virtual machines connected to the OVS ports, based on the OpenFlow rules configured by ODL.

On the OVS side, the following command can be run to show the details of the bridge.

sudo ovs-ofctl show br-int -OOpenFlow13

Check below image for the output of the command:

Here, you can see that FEATURES_REPLY shows the datapath ID (in hex format) of the bridge on OVS.

ODL also has the DLUX dashboard feature, which provides a GUI web interface to the ODL controller at http://localhost:8181/index.html. An ODL user can log in there (by default, the username and password are both ‘admin’) and check the network topology in a browser on the system where ODL is running. Check the images below.

In the above image, you can see the OVS switch shown in the network topology managed by the ODL controller. Since we have connected only one switch, only one OpenFlow node is shown. Here, the OVS switch is shown with its datapath ID in decimal format.
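To match the hex datapath ID from ovs-ofctl against the decimal one in DLUX, the following added example (not part of the original article or of ODL/OVS) decodes an OpenFlow 1.3 FEATURES_REPLY and converts between the two forms. The message bytes are constructed sample values and the function names are hypothetical.

```python
import struct

OFP_VERSION_13 = 0x04      # wire version for OpenFlow 1.3 (-OOpenFlow13)
OFPT_FEATURES_REPLY = 6    # header type of a FEATURES_REPLY
# header: version, type, length, xid; body: datapath_id, n_buffers,
# n_tables, auxiliary_id, 2 pad bytes, capabilities, reserved
FEATURES_REPLY_13 = struct.Struct("!BBHIQIBB2xII")

def parse_features_reply(msg: bytes) -> dict:
    """Decode an OpenFlow 1.3 FEATURES_REPLY and expose both dpid forms."""
    if len(msg) < FEATURES_REPLY_13.size:
        raise ValueError("truncated FEATURES_REPLY")
    (version, msg_type, length, xid, dpid, n_buffers,
     n_tables, aux_id, capabilities, _reserved) = FEATURES_REPLY_13.unpack_from(msg)
    if version != OFP_VERSION_13:
        raise ValueError(f"unsupported OpenFlow version 0x{version:02x}")
    if msg_type != OFPT_FEATURES_REPLY:
        raise ValueError(f"not a FEATURES_REPLY (type {msg_type})")
    if length != FEATURES_REPLY_13.size:
        raise ValueError(f"unexpected length field {length}")
    return {
        "xid": xid,
        "dpid_hex": f"{dpid:016x}",   # form printed by ovs-ofctl show
        "dpid_dec": dpid,             # form shown in the DLUX topology
        "n_tables": n_tables,
        "capabilities": capabilities,
    }

def dpid_hex_from_decimal(value: int) -> str:
    """Map the decimal ID seen in the controller back to the switch's hex form."""
    if not 0 <= value < 2**64:
        raise ValueError("datapath ID must fit in 64 bits")
    return f"{value:016x}"

# Constructed message: xid, dpid and counters are sample values.
SAMPLE_REPLY = FEATURES_REPLY_13.pack(
    OFP_VERSION_13, OFPT_FEATURES_REPLY, 32, 0x2A,
    0x00000242AC110002, 256, 254, 0, 0x4F, 0)
```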

To delete the OpenFlow connection with ODL, run the command below on OVS:

ovs-vsctl del-controller <bridge name>

To delete the OVSDB connection with ODL, run the command below on OVS:

ovs-vsctl del-manager

After the connection is deleted, the ‘is_connected’ flag, which was ‘true’ while the connection was established, disappears from the output of the OVS ‘ovs-vsctl show’ CLI command.
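The ‘is_connected’ check used throughout the lifecycle above can be automated. This added example (not from the original article) parses ‘ovs-vsctl show’ output and reports each manager and controller target that is down or that uses plain TCP, which is what makes the traffic readable in a capture. The sample output, the address and the function names are constructed for illustration.

```python
import re

# Constructed `ovs-vsctl show` output; 192.0.2.10 is a documentation address.
# The controller entry has no is_connected line, as when the link is down.
SAMPLE_SHOW = '''\
0f1e2d3c-0000-4000-8000-000000000001
    Manager "tcp:192.0.2.10:6640"
        is_connected: true
    Bridge br-int
        Controller "tcp:192.0.2.10:6653"
        fail_mode: secure
        Port br-int
            Interface br-int
                type: internal
    ovs_version: "2.6.0"
'''

ENTRY = re.compile(r'(Manager|Controller|Bridge)\s+"?([^"]+)"?$')

def parse_show(text):
    """Return one dict per Manager/Controller entry found in the output."""
    entries, bridge, current = [], None, None
    for line in text.splitlines():
        stripped = line.strip()
        m = ENTRY.match(stripped)
        if m and m.group(1) == "Bridge":
            bridge, current = m.group(2), None
        elif m:
            kind, target = m.groups()
            current = {
                "kind": kind,
                # Managers are switch-wide; controllers belong to a bridge.
                "bridge": bridge if kind == "Controller" else None,
                "target": target,
                "scheme": target.split(":", 1)[0],
                "connected": False,
            }
            entries.append(current)
        elif stripped == "is_connected: true" and current is not None:
            current["connected"] = True
        else:
            current = None  # the flag only ever follows its own entry line
    return entries

def needs_attention(entries):
    """Targets that are down, or that use plain TCP and so are readable on the wire."""
    return [(e["kind"], e["target"], "down" if not e["connected"] else "plaintext")
            for e in entries if not e["connected"] or e["scheme"] == "tcp"]
```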

For debugging and troubleshooting, you can check log files maintained in ODL and OVS.

ODL logging path

When the ODL distribution you downloaded is unzipped and you run the ‘karaf’ executable, a ‘log’ sub-directory is created that contains the karaf.log files. Their generic path is: ~/distribution-karaf-<version-number>-<release name>/data/log.

Check below image for ODL side log files.

OVS logging path

When OVS is running, it generates an OVSDB log file named ‘ovsdb-server.log’ and Openflow log file named ‘ovs-vswitchd.log’ at path: